Zusammenfassung: SELinux is preventing polkit-grant-he (polkit_grant_t) "read" initrc_t. Detaillierte Beschreibung: [SELinux ist im Permissive-Modus. Dieser Zugriff wurde nicht verweigert.] SELinux denied access requested by polkit-grant-he. It is not expected that this access is required by polkit-grant-he and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Zugriff erlauben: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Zusätzliche Informationen: Quellkontext system_u:system_r:polkit_grant_t:s0-s0:c0.c1023 Zielkontext system_u:system_r:initrc_t:s0 Zielobjekte exe [ lnk_file ] Quelle polkit-grant-he Quellen-Pfad /usr/libexec/polkit-grant-helper Port <Unbekannt> Host (removed) Quellen-RPM-Pakete PolicyKit-0.9-6.fc11 Ziel-RPM-Pakete RPM-Richtlinie selinux-policy-3.6.12-86.fc11 SELinux aktiviert True Richtlinienversion targeted MLS aktiviert True Enforcing-Modus Permissive Plugin-Name catchall Hostname (removed) Plattform Linux (removed) 2.6.30.9-96.fc11.x86_64 #1 SMP Wed Nov 4 00:02:04 EST 2009 x86_64 x86_64 Anzahl der Alarme 9 Zuerst gesehen Mo 09 Nov 2009 23:13:34 CET Zuletzt gesehen Mi 18 Nov 2009 18:38:33 CET Lokale ID 3d0b8158-b09f-4cdb-bae9-c4d59729f801 Zeilennummern Raw-Audit-Meldungen node=(removed) type=AVC msg=audit(1258565913.532:40): avc: denied { read } for pid=4036 comm="polkit-grant-he" name="exe" dev=proc ino=34842 scontext=system_u:system_r:polkit_grant_t:s0-s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=lnk_file node=(removed) type=SYSCALL msg=audit(1258565913.532:40): arch=c000003e syscall=89 success=yes exit=15 a0=7fffcc44ed90 a1=7fffcc44eea0 a2=fff a3=18 items=0 ppid=4035 pid=4036 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=87 sgid=87 fsgid=87 tty=(none) ses=1 comm="polkit-grant-he" exe="/usr/libexec/polkit-grant-helper" subj=system_u:system_r:polkit_grant_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.12-86.fc11,catchall,polkit-grant-he,polkit_grant_t,initrc_t,lnk_file,read audit2allow suggests: #============= polkit_grant_t ============== allow polkit_grant_t initrc_t:lnk_file read;
You report F11 policy bug on an F12 machine. Please complete the update. *** This bug has been marked as a duplicate of bug 538428 ***